Description

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects.

Remediation

References

CVE-2011-3126

Related Vulnerabilities

MySQL CVE-2022-39408 Vulnerability (CVE-2022-39408)

XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)

OpenVPN AS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3824)

WordPress Plugin PayPal Digital Goods powered by Cleeng Cross-Site Scripting (2.2.13)

MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-20924)

Severity

Medium

Classification

CVE-2011-3126 CWE-200

Tags

Missing Update Known Vulnerabilities